3 matches found
CVE-2026-24761
Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to access metadata of resources belonging to other users due to insufficient authorization checks on resource...
EUVD-2026-33838
Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...
PT-2026-45648
Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.3.0 Description Kiteworks is a private data network PDN. A reflected Cross-Site Scripting XSS issue in Kiteworks Secure Data Forms allows an external attacker to trick a user into executing arbitrary JavaScript...